Multiple Zero-Days Discovered In Leading Antivirus And Endpoint Solutions

Multiple Zero-Day Security vulnerabilities in Top Endpoints Detecting and Responding (EDR) as well as Antivirus (AV) Solutions Found by SafeBreach Labs Researcher

In order to transform endpoint detection and response (EDR) and antivirus (AV) products into next-generation wipers. With the ability to affect hundreds of millions of endpoints worldwide, Or Yair. A security researcher at SafeBreach discovered a number of zero-day vulnerabilities. This wiper may delete practically any file on a system, including system files. And render a machine fully unbootable while operating with the permissions of an ordinary user. It accomplishes all of this without putting any code into the target files, making it completely undetected.

SafeBreach believes it is crucial that EDR and AV vendors proactively test their products against this type of vulnerability. If necessary, develop a remediation plan to ensure they are protected. While the team did its best to test the EDR and AV products we had access. It is not practical to test every product on the market.

Summarizing the importance of this research

Yair said: 

“By openly sharing information about this discovery, our goal is to raise a warning flag about the existence of these zero-day vulnerabilities and the ability to exploit them. Organizations must understand that a wiper is much more dangerous if it uses a trusted entity on the system—in this case, an EDR or AV—to complete its malicious actions by proxy.

As cyber criminals continue to evolve their tactics, organizations must understand that having security controls does not mean an organization is secure. In fact, security controls may be a preferred target for attackers because of their high privileges and the very high level of trust they command. Organizations must be prepared to proactively test and evolve their defensive capabilities to protect themselves against this ever-changing threat landscape.”

For technical detail, please visit here: https://www.safebreach.com/resources/blog/safebreach-labs-researcher-discovers-multiple-zero-day-vulnerabilities/

ISBuzz Team

• ISBuzz Team

  Air Canada Data Breach: BianLian Extortion Group Claims A Massive Heist Contrary To Airline’s Earlier Statement
• ISBuzz Team

  Unprecedented DDoS Attack Rocks The Web: Tech Giants Reveal A Digital Tsunami
• ISBuzz Team

  CISA Flags High-Severity Adobe Acrobat Reader Flaw Amid Active Exploits
• ISBuzz Team

  Curl Security Alert: Patching A Critical Bug Averting Potential Cyber Catastrophe